期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于Kerberos的统一认证授权研究 被引量:3

Centralized authentication and authorization based on Kerberos
下载PDF
导出
摘要 应用广泛的Kerberos协议缺乏支持集中式授权的机制,无法解决集团型企业跨域访问控制问题。本文提出一种基于Kerberos的统一认证授权方案KCAA,通过Kerberos与授权中心的无缝集成,有效实现总部对跨域访问的集中式认证授权。KCAA采用抽象用户减少各域内信息同步量,并采用身份代理简化Kerberos的部署。在大规模集团型企业信息化建设中的应用表明,KCAA无需对现有系统进行大规模改造,即可实现集中式跨域访问控制,具有良好应用价值。 Because of lacking support for centralized authorization, widely-applied Kerberos couldn't realize cross-domain access control in group enterprises. Therefore, a Kerberos-based Centralized Authentication Authorization (KCAA) scheme is proposed. By integrating centralized authorization into Kerberos, KCAA achieves centralized authentication and authorization in headquarter for cross-domain access. KCAA uses abstract users to reduce information synchronization in different domains, and identity agents to simplify deployment of Kerberos. KCAA shows its application value in the informatization construction of a large group enterprise which proves that it could achieve centralized cross-domain access control without mass transformation of legacy systems.
作者 邴晓燕 邵贝恩
机构地区 清华大学国家CIMS工程技术研究中心
出处 《微计算机信息》 2009年第9期1-2,41,共3页 Control & Automation
关键词 KERBEROS 集团型企业 访问控制 认证授权 Kerberos group enterprises access control authentication and authorization
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献5

二级参考文献11

  • 1文铁华,谷士文.增强Kerberos协议安全性的改进方案[J].通信学报,2004,25(6):76-79. 被引量:24
  • 2Kohl J., Neuman C. The Kerberos Network Authentication Service (V5)[S]. RFC 1510, September 1993. 被引量:1
  • 3Bellovin S M, Merritt M. Limitations of the Kerberos Authentication System[J]. ACM SIGCOMM Computer Communication Review, 1990,20(5):119- 132. 被引量:1
  • 4Kehne A, SChonwalder J, Langendorfer H.A nonce-based protocol for multiple authentication[J]. Operating Systems Review,1992, 26(4) :84-89. 被引量:1
  • 5Itoi N, Honeyman P. Smartcard integration with kerberos v5[J]. Lecture Notes in Computer Science, 2001,2041 : 73 - 78. 被引量:1
  • 6Steiner J G,Neuman B C,schiller J I. Kerberos: An Authentication Service for Open Network Systems[A]. In Proceedings of the {USENIX} Technical Conference[C].[s.l.] : USENIX Association, 1988. 191 - 202. 被引量:1
  • 7Neuman B C. Proxy- Based Authorization and Accounting for Distributed Systems [A]. International Conference on Distributed Computing Systems [C]. [s.l.] : The .Washington Technology Center, 1993.283 - 291. 被引量:1
  • 8Au R, Looi M,Ashley P. Cross- domain one- shot authorization using smart cards[A]. In Proceedings of the 7th ACM conference on Computer and communications security [C]. [s.l] :ACM Press,2000. 220 - 227. 被引量:1
  • 9刘克龙,卿斯汉,蒙杨.一种利用公钥体制改进Kerberos协议的方法[J].软件学报,2001,12(6):872-877. 被引量:34
  • 10王晓刚,卢强华.Kerberos认证系统的分析和改进[J].武汉科技学院学报,2002,15(5):95-98. 被引量:6

共引文献10

同被引文献19

  • 1Liberty Alliance Project.Liberty Alliance Phase 2 Final Specifications [EB/OL] ,2003. 被引量:1
  • 2F.Trickey. Single Sign-On: Fantasy or Reality[M]. CSI ,Advisory Council. 2001. 被引量:1
  • 3Alonso G, Casati F, Kuno H, et al. Web Services Concepts, Architectures and Applications [M]. Slovenia: Springer Verlag, 2004. 被引量:1
  • 4Isao M. Toward realization of service-oriented architecture (SOA) [J]. Fujitsu Scientific and Technical Journal, 2006, 42(3): 306-315. 被引量:1
  • 5王辉.面向服务的企业应用系统开发和集成研究[D].北京:清华大学,2006. 被引量:1
  • 6LI Qing, ZHOU Jian, PENG Qirui, et al. Business processes oriented heterogeneous systems integration platform for networked enterprises [J]. Special Issue of Computers in Industry, 2010, 61(2): 127-144. 被引量:1
  • 7Cecilia Phan. Service oriented architecture (SOA)-security challenges and mitigation strategies [C]// Military Communications Conference. Piscataway, NJ: IEEEPress, 2007: 1-7. 被引量:1
  • 8Kanneganti R, Chodavarapu P. SOA Security [M]. Greenwich: Manning Publications Co, 2008. 被引量:1
  • 9MIT. Kerberos: The Network Authentication Protocol [DB/OL]. [2009-05-01]. http://web, mit. edu/kerberos/ www/index, html. 被引量:1
  • 10Chou W. Inside SSL: Accelerating secure transactions [J]. IT Professional, 2002, 4(5) : 37 - 41. 被引量:1

引证文献3

二级引证文献6

微计算机信息
2009年 第9期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部